An error occurred loading an authentication provider on Secondary ADFS farm member

Jun 9, 2016 at 4:41 PM
I thought I would put this in a new thread.

We are successful in loading this on the primary ADFS farm member but it will not load on the secondary. We created a 3rd farm member from scratch and added it to the farm and we still get this error message:

An error occurred loading an authentication provider. Fix configuration errors using PowerShell cmdlets and restart the Federation Service.
Identifier: MultiFactorAuthenticationProvider
Context: Passive protocol TLS pipeline

Additional Data
Exception details:
The external authentication method Neos.IdentityServer.MultiFactor.AuthenticationProvider, Neos.IdentityServer.MultiFactor, Version=1.0.0.0, Culture=neutral, PublicKeyToken=175aa5ee756d2aa2 could not be loaded. Exception has been thrown by the target of an invocation.

This does not seem that complex. But we have gone over this over and over and we cannot get it to load.

Has anybody successfully been able to get this to load on a secondary server?
Coordinator
Jun 10, 2016 at 1:53 PM
I have added 2 Windows Server 2016 TP5 (in compatibility mode) to my ADFS Farm (1 ADFS and 1 Proxy). Deployed the assemblies on each.
No problem. Everything is working.
Afterwards, I built a new farm with 4 servers (2 ADFS, 2 Proxies), deployed the solution on each server, and registered the ADFSAuthenticationProvider.
No problem. Everything is working.

Have you run the PowerShell cmd "Get-ADFSAuthenticationProvider"?
Are the assemblies correctly deployed?
Jun 10, 2016 at 2:44 PM
Yes, it comes back with:

AdminName : Multi Factor Authentication Extension
AllowedForPrimaryExtranet : False
AllowedForPrimaryIntranet : False
AllowedForAdditionalAuthentication : True
AuthenticationMethods : {http://schemas.microsoft.com/ws/2012/12/authmethod/otp}
Descriptions : {[1036, Connexion avec un code OTP], [1033, Connect with an OTP code]}
DisplayNames : {[1036, Connexion avec un code OTP], [1033, Connect with an OTP code]}
Name : MultiFactorAuthenticationProvider
IdentityClaims : {http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn}
IsCustom : True
RequiresIdentity : True

I have even built a test MFA provider. And it loads fine on both.
Jun 10, 2016 at 5:40 PM
We just created an ADFS 2016 farm. We just pushed it to the 2 servers and we get the same error.
Jun 10, 2016 at 7:49 PM
Do you know of any way to debug or get additional information on what exception is being thrown?
Coordinator
Jun 10, 2016 at 8:19 PM
Yes, you can debug with the Visual Studio Remote Debugger.
But as said before, this error is thrown when the assemblies are not deployed, or the registration does not conform.
Have you updated your servers with Windows Update? (Many fixes concerning ADFS.)
I confirm that I have no problem with multiple servers in a farm (2012 R2, 2016 TP5 or hybrid); this has been tested in multiple labs, and is in production for many of our customers.
So, I think that this is not the place to speak about your problem; I suggest that you open an issue if you want.

Regards
Marked as answer by redhook on 6/21/2017 at 10:48 AM
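
The error quoted in this thread ends with "Exception has been thrown by the target of an invocation", which hides the inner exception that actually caused the failure. The script below is an added example, not code from the thread or from the project: it loads the assembly and type named in the error message on the affected farm member and prints the full exception chain. It assumes the provider type has a public parameterless constructor and that loading it in a PowerShell session approximates what the Federation Service does; `Write-ExceptionChain` is a helper name made up for this example.

```powershell
# Added diagnostic sketch, not part of the original thread.
# Run in an elevated PowerShell session on the farm member that fails to load the provider.
# The strong name and type name are copied from the error message quoted in the thread.
$assemblyName = 'Neos.IdentityServer.MultiFactor, Version=1.0.0.0, Culture=neutral, PublicKeyToken=175aa5ee756d2aa2'
$typeName     = 'Neos.IdentityServer.MultiFactor.AuthenticationProvider'

# Hypothetical helper: walk InnerException so the wrapped cause becomes visible.
function Write-ExceptionChain {
    param([System.Exception]$Exception)
    $depth = 0
    while ($Exception) {
        Write-Host ('[{0}] {1}: {2}' -f $depth, $Exception.GetType().FullName, $Exception.Message)
        # A ReflectionTypeLoadException carries the real causes in LoaderExceptions.
        if ($Exception -is [System.Reflection.ReflectionTypeLoadException]) {
            $Exception.LoaderExceptions | ForEach-Object { Write-Host ('    loader: {0}' -f $_.Message) }
        }
        $Exception = $Exception.InnerException
        $depth++
    }
}

try {
    # Step 1: does the strong name resolve on this node (is the assembly deployed)?
    $assembly = [System.Reflection.Assembly]::Load($assemblyName)
    Write-Host ('Loaded from: {0}' -f $assembly.Location)

    # Step 2: can the type be resolved? $true makes GetType throw instead of returning null.
    $type = $assembly.GetType($typeName, $true)

    # Step 3 (assumption: public parameterless constructor): instantiate the provider.
    $null = [System.Activator]::CreateInstance($type)
    Write-Host 'Type instantiated; the failure is probably later, in pipeline load or configuration.'
}
catch {
    # PowerShell wraps .NET exceptions, so print every level of the chain.
    Write-ExceptionChain -Exception $_.Exception
}
```

A missing dependency usually surfaces here as a FileNotFoundException or FileLoadException naming the assembly that could not be found. The session runs under your account rather than the AD FS service account, so a clean run does not rule out permission or configuration problems on that node.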